{"id":"CLSA-2025-1764152160","summary":"squid: Fix of CVE-2025-62168","details":"- CVE-2025-62168: fix failure to redact HTTP authentication credentials in error\n  handling to prevent information disclosure\n- email_err_data directive now defaults to 'off' for security (previously 'on')","modified":"2026-05-27T11:18:34.661726404Z","published":"2025-11-26T10:16:05Z","upstream":["CVE-2025-62168"],"references":[{"type":"ADVISORY","url":"https://errata.tuxcare.com/els_os/rhel7els/CLSA-2025-1764152160.html"}],"affected":[{"package":{"name":"squid","ecosystem":"TuxCare:RHEL:7","purl":"pkg:rpm/tuxcare/squid?distro=rhel-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7:3.5.20-17.0.5.el7_9.99.tuxcare.els2"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2025-1764152160.json"}},{"package":{"name":"squid-migration-script","ecosystem":"TuxCare:RHEL:7","purl":"pkg:rpm/tuxcare/squid-migration-script?distro=rhel-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7:3.5.20-17.0.5.el7_9.99.tuxcare.els2"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2025-1764152160.json"}},{"package":{"name":"squid-sysvinit","ecosystem":"TuxCare:RHEL:7","purl":"pkg:rpm/tuxcare/squid-sysvinit?distro=rhel-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7:3.5.20-17.0.5.el7_9.99.tuxcare.els2"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2025-1764152160.json"}}],"schema_version":"1.7.5"}